-
An elusive hacker who went by the handle “UNKN” and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are abusing the long-running Phorpiex (Trik) botnet to run large-scale ransomware, sextortion, and crypto-clipping operations, turning one infrastructure into a multi-purpose crime machine. A newer variant called Twizt gives the botnet a hybrid…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Qilin ransomware group has developed a highly sophisticated infection chain that targets and disables over 300 endpoint detection and response (EDR) solutions. As defenders improve behavioral detection capabilities, attackers are increasingly targe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Things–named payloads to breach and encrypt systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly identified ransomware campaign is targeting Windows users across South America, leveraging tactics that closely mimic the notorious Akira ransomware group. According to ESET’s findings, the threat actors behind this campaign are attempting to e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New research from Seqrite explains the ‘dual-use dilemma,’ where ransomware attackers repurpose legitimate IT tools like IOBit Unlocker…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers are increasingly turning legitimate Windows administration tools into stealthy weapons to disable antivirus and EDR before launching ransomware, making attacks faster, quieter, and harder to stop. Instead of dropping noisy custom malware upfron…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A fully operational TheGentlemen ransomware toolkit on an exposed server, revealing victim credentials, ngrok tokens, and a complete pre-encryption playbook. This led them to an unauthenticated HTTP server at 176.120.22[.]127:80, hosted by Russian bull…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Linux-focused ransomware Pay2Key is actively targeting enterprise servers, VMware ESXi virtualization hosts, and cloud workloads, underscoring how far Linux ransomware has evolved beyond simple file lockers. Originally known for fast, human-operated Wi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
